creating-mcp-servers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and references/LLMS_TXT.md explicitly direct the agent to search LLMS_TXT.md and use web_fetch to retrieve documentation from the public site https://gofastmcp.com (see "Documentation Retrieval Workflow" and "Mandatory Patterns"), so the agent will ingest open web content that is used to drive tooling/behavior and could carry indirect prompt-injection instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's mandatory installation pattern instructs running curl -LsSf https://astral.sh/uv/install.sh | sh to install the required "uv" tool, which clearly fetches and executes remote code that the skill depends on.